CVE-2021-24238

Description

The Realteo WordPress plugin before 1.2.4, used by the Findeo Theme, did not ensure that the requested property to be deleted belong to the user making the request, allowing any authenticated users to delete arbitrary properties by tampering with the property_id parameter.

Related CPE's

a purethemes findeo *****wordpress **

a purethemes realteo *****wordpress **

References

https://wpscan.com/vulnerability/b8434eb2-f522-484f-9227-5f581e7f48a5

ExploitThird Party Advisory

https://www.docs.purethemes.net/findeo/knowledge-base/changelog-findeo/

Release NotesVendor Advisory

https://m0ze.ru/vulnerability/[2021-03-20]-[WordPress]-[CWE-284]-Realteo-WordPress-Plugin-v1.2.3.txt

ExploitThird Party Advisory

https://m0ze.ru/vulnerability/[2021-03-20]-[WordPress]-[CWE-284]-Findeo-WordPress-Theme-v1.3.0.txt

ExploitThird Party Advisory

CvssV3 impact

BaseSeverity	MEDIUM
ConfidentialityImpact	NONE
AttackComplexity	LOW
Scope	UNCHANGED
AttackVector	NETWORK
AvailabilityImpact	NONE
IntegrityImpact	HIGH
PrivilegesRequired	LOW
BaseScore	6.5
VectorString	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Version	3.1
UserInteraction	NONE

CvssV2 impact

AccessComplexity	LOW
ConfidentialityImpact	NONE
AvailabilityImpact	NONE
IntegrityImpact	PARTIAL
BaseScore	4
VectorString	AV:N/AC:L/Au:S/C:N/I:P/A:N
Version	2.0
AccessVector	NETWORK
Authentication	SINGLE